semver - npm Package Compare versions

		@@ -101,2 +101,3 @@ // hoisted class for cyclic dependency
		debug('hyphen replace', range)

		// `> 1.2.3 < 1.2.5` => `>1.2.3 <1.2.5`
		@@ -108,5 +109,7 @@ range = range.replace(re[t.COMPARATORTRIM], comparatorTrimReplace)
		range = range.replace(re[t.TILDETRIM], tildeTrimReplace)
		debug('tilde trim', range)

		// `^ 1.2.3` => `^1.2.3`
		range = range.replace(re[t.CARETTRIM], caretTrimReplace)
		debug('caret trim', range)

		@@ -113,0 +116,0 @@ // At this point, the range is completely trimmed and

internal/constants.js

		@@ -12,2 +12,6 @@ // Note: this is the semver.org version of the spec that it implements

		// Max safe length for a build identifier. The max length minus 6 characters for
		// the shortest version with a build 0.0.0+BUILD.
		const MAX_SAFE_BUILD_LENGTH = MAX_LENGTH - 6

		const RELEASE_TYPES = [
		@@ -26,2 +30,3 @@ 'major',
		MAX_SAFE_COMPONENT_LENGTH,
		MAX_SAFE_BUILD_LENGTH,
		MAX_SAFE_INTEGER,
		@@ -28,0 +33,0 @@ RELEASE_TYPES,

internal/re.js

		@@ -1,2 +0,2 @@
		const { MAX_SAFE_COMPONENT_LENGTH } = require('./constants')
		const { MAX_SAFE_COMPONENT_LENGTH, MAX_SAFE_BUILD_LENGTH } = require('./constants')
		const debug = require('./debug')
		@@ -12,12 +12,27 @@ exports = module.exports = {}

		const LETTERDASHNUMBER = '[a-zA-Z0-9-]'

		// Replace some greedy regex tokens to prevent regex dos issues. These regex are
		// used internally via the safeRe object since all inputs in this library get
		// normalized first to trim and collapse all extra whitespace. The original
		// regexes are exported for userland consumption and lower level usage. A
		// future breaking change could export the safer regex only with a note that
		// all input should have extra whitespace removed.
		const safeRegexReplacements = [
		['\\s', 1],
		['\\d', MAX_SAFE_COMPONENT_LENGTH],
		[LETTERDASHNUMBER, MAX_SAFE_BUILD_LENGTH],
		]

		const makeSafeRegex = (value) => {
		for (const [token, max] of safeRegexReplacements) {
		value = value
		.split(`${token}*`).join(`${token}{0,${max}}`)
		.split(`${token}+`).join(`${token}{1,${max}}`)
		}
		return value
		}

		const createToken = (name, value, isGlobal) => {
		// Replace all greedy whitespace to prevent regex dos issues. These regex are
		// used internally via the safeRe object since all inputs in this library get
		// normalized first to trim and collapse all extra whitespace. The original
		// regexes are exported for userland consumption and lower level usage. A
		// future breaking change could export the safer regex only with a note that
		// all input should have extra whitespace removed.
		const safe = value
		.split('\\s*').join('\\s{0,1}')
		.split('\\s+').join('\\s')
		const safe = makeSafeRegex(value)
		const index = R++
		@@ -38,3 +53,3 @@ debug(name, index, value)
		createToken('NUMERICIDENTIFIER', '0\|[1-9]\\d*')
		createToken('NUMERICIDENTIFIERLOOSE', '[0-9]+')
		createToken('NUMERICIDENTIFIERLOOSE', '\\d+')

		@@ -45,3 +60,3 @@ // ## Non-numeric Identifier

		createToken('NONNUMERICIDENTIFIER', '\\d[a-zA-Z-][a-zA-Z0-9-]')
		createToken('NONNUMERICIDENTIFIER', `\\d[a-zA-Z-]${LETTERDASHNUMBER}`)

		@@ -81,3 +96,3 @@ // ## Main Version

		createToken('BUILDIDENTIFIER', '[0-9A-Za-z-]+')
		createToken('BUILDIDENTIFIER', `${LETTERDASHNUMBER}+`)

		@@ -84,0 +99,0 @@ // ## Build Metadata

package.json

		{
		"name": "semver",
		"version": "7.5.2",
		"version": "7.5.3",
		"description": "The semantic version parser used by npm.",
		@@ -5,0 +5,0 @@ "main": "index.js",

README.md

		@@ -162,3 +162,5 @@ semver(1) -- The semantic versioner for npm
		`1.2.7`, `1.2.8`, `2.5.3`, and `1.3.9`, but not the versions `1.2.6`
		or `1.1.0`.
		or `1.1.0`. The comparator `>1` is equivalent to `>=2.0.0` and
		would match the versions `2.0.0` and `3.1.0`, but not the versions
		`1.0.1` or `1.1.0`.

		@@ -165,0 +167,0 @@ Comparators can be joined by whitespace to form a `comparator set`,

Improved metrics